Java Code Examples for java.security.cert.X509CertSelector#setSubjectKeyIdentifier()
The following examples show how to use
java.security.cert.X509CertSelector#setSubjectKeyIdentifier() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ForwardBuilder.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 2
| Source File: ForwardBuilder.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 3
| Source File: ForwardBuilder.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 4
| Source File: ForwardBuilder.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 5
| Source File: ForwardBuilder.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 6
| Source File: ForwardBuilder.java From hottub with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 7
| Source File: ForwardBuilder.java From Bytecoder with Apache License 2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 8
| Source File: ForwardBuilder.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 9
| Source File: ForwardBuilder.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
Example 10
| Source File: X509CertSelectorTest.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 11
| Source File: X509CertSelectorTest.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 12
| Source File: X509CertSelectorTest.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 13
| Source File: X509CertSelectorTest.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 14
| Source File: X509CertSelectorTest.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 15
| Source File: X509CertSelectorTest.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 16
| Source File: X509CertSelectorTest.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Example 17
| Source File: PKIXCertPathReviewer.java From RipplePower with Apache License 2.0 | 4 votes |
|
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
Collection trustColl = new ArrayList();
Iterator it = trustanchors.iterator();
X509CertSelector certSelectX509 = new X509CertSelector();
try
{
certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (ext != null)
{
ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));
certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
byte[] keyID = authID.getKeyIdentifier();
if (keyID != null)
{
certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
}
}
}
catch (IOException ex)
{
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
throw new CertPathReviewerException(msg);
}
while (it.hasNext())
{
TrustAnchor trust = (TrustAnchor) it.next();
if (trust.getTrustedCert() != null)
{
if (certSelectX509.match(trust.getTrustedCert()))
{
trustColl.add(trust);
}
}
else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
{
X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
X500Principal caName = new X500Principal(trust.getCAName());
if (certIssuer.equals(caName))
{
trustColl.add(trust);
}
}
}
return trustColl;
}
Example 18
| Source File: PKIXCertPathReviewer.java From ripple-lib-java with ISC License | 4 votes |
|
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
Collection trustColl = new ArrayList();
Iterator it = trustanchors.iterator();
X509CertSelector certSelectX509 = new X509CertSelector();
try
{
certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (ext != null)
{
ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));
certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
byte[] keyID = authID.getKeyIdentifier();
if (keyID != null)
{
certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
}
}
}
catch (IOException ex)
{
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
throw new CertPathReviewerException(msg);
}
while (it.hasNext())
{
TrustAnchor trust = (TrustAnchor) it.next();
if (trust.getTrustedCert() != null)
{
if (certSelectX509.match(trust.getTrustedCert()))
{
trustColl.add(trust);
}
}
else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
{
X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
X500Principal caName = new X500Principal(trust.getCAName());
if (certIssuer.equals(caName))
{
trustColl.add(trust);
}
}
}
return trustColl;
}
